Unable to Add role- elasticsearch xpack


(Francis Praveen) #1

Hello, I am trying to setup Active Directory Security for the kibana dashboard. For that i tried to create role mapping but i am not able to create (i think i dont have manage_security role). So I tried to add the role for the user "kibana". Its telling "action unauthorized for the user kibana". Can Anyone please help on this.

Thanks


(Tim Vernum) #2

Please provide more details. What did you try? What went wrong?

You cannot edit the kibana user. It is a fixed builtin user.
It sounds like you are logging into Kibana as the kibana user.
That's a common mistake that new users make.

The kibana user is the user that the Kibana application uses for its own purposes when it connects to Elasticsearch. For example, it is how Kibana can tell whether your ES server is available, and whether it has security turned on. You should not log in to Kibana as that user, because it doesn't have permission to do very much (which is intentional - it has just enough access to run Kibana but no more)

You should initially login to Kibana using the elastic user. This is a superuser that can do everything.
You can use that user for everything you want to do, and always login to Kibana as elastic, but we don't recommend it. Because that user can do everything, it can make a horrible mess of your cluster if you're not careful, and one of the benefits of X-Pack security is that it can protect you from mistakes like that.

Rather, we recommend that you use the elastic user to login the first time, and then use the Kibana admin screens to create new, lower privileged users and roles that have just the permissions that you need, but nothing more. You can then safely use those users to do your work in Kibana, and you can always login as elastic if you need to make major changes.


(Francis Praveen) #3

Thanks for your reply. Can you please let me know whats the default password for 'elastic' user


(Francis Praveen) #4

Never mind..Got it thanks


(system) #5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.